The risk-based authentication (RBA) message policy defines the message that users see when they are prompted to configure an identity confirmation method.

RSA Authentication Manager provides a default RBA message policy. You can create additional RBA message policies, and set any one as the default. The RBA message policy applies to all users in the security domain.